Sven Auhagen <sven.auhagen@xxxxxxxxxxxx> wrote:
> I have a race condition problem in the flowtable and could
> use some hint where to start debugging.
>
> Every now and then a TCP FIN is closing the flowtable with a call
> to flow_offload_teardown.
I don't understand why this is done. It seems buggy to do this.
The skb has not been seen by conntrack yet, so any reply packet coming
in between the flow_offload_teardown() call and the conntrack actually
moving to close state ...
> Right after another packet from the reply direction is readding
> the connection to the flowtable just before the FIN is actually
> transitioning the state from ESTABLISHED to FIN WAIT.
.. will re-add.
> Any idea why the state is deleted right away?
No idea, but it was intentional, see
b6f27d322a0a ("netfilter: nf_flow_table: tear down TCP flows if RST or FIN was seen")
